MAP AZURE DEVOPS RUNTIME VARIABLES TO TERRAFORM INPUT VARIABLES
Greetings my fellow Technology Advocates and Specialists.
In this Session, I will demonstrate -
How to Map Azure DevOps Runtime Variables to Terraform Input Variables.
If at all we need to put the values in variables.tf or in tfvars.
I had the Privilege to talk on this topic in ONE Azure Communities:-
NAME OF THE AZURE COMMUNITY
TYPE OF SPEAKER SESSION
Virtual Boston Azure
Virtual
EVENT ANNOUNCEMENT:-
LIVE RECORDED SESSIONS:-
LIVE DEMO was Recorded as part of my Presentation in BOSTON AZURE USER GROUP Forum/Platform
Duration of My Demo = 41 Mins 07 Secs
REQUIREMENTS:-
Azure Subscription.
Azure DevOps Organisation and Project.
Service Principal with Delegated Graph API Rights and Required RBAC (Typically Contributor on Subscription or Resource Group)
Azure Resource Manager Service Connection in Azure DevOps.
Microsoft DevLabs Terraform Extension Installed in Azure DevOps.
HOW DOES MY CODE PLACEHOLDER LOOKS LIKE:-
OBJECTIVE:-
Deploy a Resource Group and User Assigned Managed Identity from the values provided by user in the DevOps Runtime Variables Parameters and not providing it again in Terraform variables.tf or tfvars
Please feel free to change the values of the variables.
The entire YAML pipeline is build using Parameters and variables. No Values are Hardcoded.
PART #3:-
PIPELINE STAGE DETAILS FOLLOW BELOW:-
This is a Two Stage Pipeline with 4 Runtime Variables - 1) Subscription ID 2) Service Connection Name 3) Resource Group Name and 4) User Assigned Managed Identity Name
The Names of the Stages are - 1) PLAN and 2) DEPLOY
Terraform Installer installed in Azure DevOps Build Agent.
2.
Terraform Init
3.
Terraform Validate
4.
Terraform Plan
5.
Copy the Terraform files (Most Importantly Terraform Plan Output) to Artifacts Staging Directory.
6.
Publish Artifacts
PIPELINE STAGE - DEPLOY:-
- stage: DEPLOY
condition: succeeded()
dependsOn: PLAN
jobs:
- deployment:
displayName: Deploy
environment: $(Environment)
pool:
vmImage: '$(BuildAgent)'
strategy:
runOnce:
deploy:
steps:
# Download Artifacts:-
- task: DownloadBuildArtifacts@0
displayName: DOWNLOAD ARTIFACTS
inputs:
buildType: 'current'
downloadType: 'single'
artifactName: '$(Artifact)'
downloadPath: '$(System.ArtifactsDirectory)'
# Install Terraform Installer in the Build Agent:-
- task: ms-devlabs.custom-terraform-tasks.custom-terraform-installer-task.TerraformInstaller@0
displayName: INSTALL TERRAFORM VERSION - LATEST
inputs:
terraformVersion: 'latest'
# Terraform Init:-
- task: TerraformTaskV2@2
displayName: TERRAFORM INIT
inputs:
provider: 'azurerm'
command: 'init'
workingDirectory: '$(System.ArtifactsDirectory)/$(Artifact)/AMTF/' # Az DevOps can find the required Terraform code
backendServiceArm: '${{ parameters.ServiceConnection }}'
backendAzureRmResourceGroupName: '$(ResourceGroup)'
backendAzureRmStorageAccountName: '$(StorageAccount)'
backendAzureRmContainerName: '$(Container)'
backendAzureRmKey: '$(TfstateFile)'
# Terraform Apply:-
- task: TerraformTaskV2@2
displayName: TERRAFORM APPLY # The terraform Plan stored earlier is used here to apply only the changes.
inputs:
provider: 'azurerm'
command: 'apply'
workingDirectory: '$(System.ArtifactsDirectory)/$(Artifact)/AMTF'
commandOptions: '--var-file=usrmid.tfvars'
environmentServiceNameAzureRM: '${{ parameters.ServiceConnection }}'
DEPLOY STAGE PERFORMS BELOW:-
##
TASKS
1.
DEPLOY Stage will Execute only if PLAN Stage completed successfully. If not, DEPLOY Stage will get Skipped Automatically.
2.
DEPLOY Stage will Execute only after Approval. The Approval is integrated with Environment defined in the Pipeline Variable Section (Environment: NonProd) and applied in DEPLOY Stage Jobs (environment: $(Environment)).
3.
Download the Published Artifacts.
4.
Terraform Installer installed in Azure DevOps Build Agent.
5.
Terraform Init
6.
Terraform Apply
DETAILS AND ALL TERRAFORM CODE SNIPPETS FOLLOWS BELOW:-
variable "RG_NAME" {
type = string
description = "Name of the Resource Group"
}
variable "rg-location" {
type = string
description = "Resource Group Location"
}
variable "USR_MID_NAME" {
type = string
description = "Name of the User Assigned Managed Identity"
}
IMPORTANT TO NOTE:-
The Variable name of the Resource Group and User Assigned Managed Identities in usrmid.tf and variables.tf are in upper case.
This is because Azure DevOps Pipeline variables which automatically references to Build Agent Environment Variables gets converted to uppercase
If the variables are not defined as above, the Pipeline waits for Resource Group and User Assigned Managed Identity Name as Input.
The Pipeline is then cancelled manually
TERRAFORM (usrmid.tfvars):-
rg-location = "West Europe"
IMPORTANT TO NOTE:-
There is No Resource Group and User Assigned Managed Identity Name Value provided in tfvars or in variables.tf
ITS TIME TO TEST:-
DESIRED RESULT: Stages - PLAN and DEPLOY should Complete Successfully. Resource Group and User Assigned Managed Identity Resources should get deployed. Remote State file gets created.
PIPELINE RUNTIME PARAMETERS WITH POPULATED VALUES:-
PIPELINE STAGE PLAN EXECUTED SUCCESSFULLY:-
PIPELINE STAGE DEPLOY WAITING APPROVAL:-
PIPELINE STAGE DEPLOY EXECUTED SUCCESSFULLY:-
PIPELINE OVERALL EXECUTION STATUS:-
VALIDATE RESOURCES DEPLOYED IN PORTAL:-
VALIDATE REMOTE TERRAFORM STATE FILE:-
23-may-2022-devops__runtime-variables-to-terraform-input-variables's People